CVE-2023-53741

Description

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.

CVSS Details

CVSS Score

8.1

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Configurations (Affected Products)

cpe:2.3:o:dbbroadcast:sft_dab_015\/c_firmware:1.9.3:*:*:*:*:*:*:* - VULNERABLE

cpe:2.3:h:dbbroadcast:sft_dab_015\/c:-:*:*:*:*:*:*:* - NOT VULNERABLE

cpe:2.3:o:dbbroadcast:sft_dab_050\/c_firmware:1.9.3:*:*:*:*:*:*:* - VULNERABLE

cpe:2.3:h:dbbroadcast:sft_dab_050\/c:-:*:*:*:*:*:*:* - NOT VULNERABLE

cpe:2.3:o:dbbroadcast:sft_dab_150\/c_firmware:1.9.3:*:*:*:*:*:*:* - VULNERABLE

cpe:2.3:h:dbbroadcast:sft_dab_150\/c:-:*:*:*:*:*:*:* - NOT VULNERABLE

cpe:2.3:o:dbbroadcast:sft_dab_300\/c_firmware:1.9.3:*:*:*:*:*:*:* - VULNERABLE

cpe:2.3:h:dbbroadcast:sft_dab_300\/c:-:*:*:*:*:*:*:* - NOT VULNERABLE

cpe:2.3:o:dbbroadcast:sft_dab_600\/c_firmware:1.9.3:*:*:*:*:*:*:* - VULNERABLE

cpe:2.3:h:dbbroadcast:sft_dab_600\/c:-:*:*:*:*:*:*:* - NOT VULNERABLE

Screen SFT DAB 1.9.3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

...

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2023-53741
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2023-53741
[3] CVE Details https://www.cvedetails.com/cve/CVE-2023-53741/
[4] VulDB https://vuldb.com/cve/CVE-2023-53741
[5] https://www.dbbroadcast.com
[6] https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/
[7] https://www.exploit-db.com/exploits/51457
[8] https://www.screen.it
[9] https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-ip-session-management
[10] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5773.php
[11] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5773.php

Raw JSON Data

JSON

{"cve": {"id": "CVE-2023-53741", "sourceIdentifier": "[email protected]", "published": "2025-12-10T21:16:03.420", "lastModified": "2025-12-18T21:15:50.460", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "baseScore": 8.1, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-384"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-384"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:dbbroadcast:sft_dab_015\\/c_firmware:1.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EE37C7E-291F-45C3-BB2E-86C9A7F39208"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:dbbroadcast:sft_dab_015\\/c:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BD8A6C5-36B7-4163-824B-32DAC7AEC701"}]}]}, {"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:dbbroadcast:sft_dab_050\\/c_firmware:1.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "AE43E31F-976D-420F-BF89-04F071998703"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:dbbroadcast:sft_dab_050\\/c:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD0400E2-2D22-4323-A2B3-96CC2CA228FF"}]}]}, {"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:dbbroadcast:sft_dab_150\\/c_firmware:1.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "CA97FA0A-3503-4A79-8170-7873A57917D0"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:dbbroadcast:sft_dab_150\\/c:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2D8D14D-C6F4-43CA-A688-AF9F4522F123"}]}]}, {"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:dbbroadcast:sft_dab_300\\/c_firmware:1.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "427DE942-7268-4054-967A-B2FA28AC8FCB"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:dbbroadcast:sft_dab_300\\/c:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C9BA369-3D1D-4AFA-8C53-1D0B1BD4A365"}]}]}, {"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:dbbroadcast:sft_dab_600\\/c_firmware:1.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "B51EAD42-9B3F-44D5-973A-4758498D1339"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:dbbroa ... (truncated)